package com.beauty.security;

import com.beauty.services.MyBaitsHelp;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


@Configuration
public class AuthProviderConfig extends WebSecurityConfigurerAdapter {
    private final MyBaitsHelp myBaitsHelp;

    AuthProviderConfig(MyBaitsHelp myBaitsHelp) {
        this.myBaitsHelp = myBaitsHelp;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors().and().csrf().disable()
                .authorizeRequests().antMatchers("/api/login", "register", "getNoteList").permitAll()
                .and()
                .addFilter(new CookieFilter(authenticationManager()));
    }

}
